Internet Security Tips and Advice

Keep scripts in check

May 22nd, 2008 by Igor Pankov

As vulnerable or explicitly malicious scripts (for instance, JavaScript or ActiveX) represent the primary attack vector for distributing malware and stealing confidentia information, it makes sense to restrict the execution of scripts on untrusted sites to protect you from drive-by threats.

For Firefox users, there is a quick resolution – the NoScript add-on that is available as a free Firefox extension. By default, it will block scripts on any site that you visit, so you get automatic, preemptive protection. This blocking will render some sites barely usable (for example, YouTube videos will no longer start), so you will need to unblock trusted sites to allow the execution of scripts on them. This can easily be done on the fly right from the Firefox interface, which shows the NoScript toolbar with per-site blocking options.

To keep Internet Explorer users safe, Outpost Firewall Pro or Outpost Security Suite Pro offers similar functionality – to restrict the execution of scripts globally, and then to specify exclusions for trusted sites that are allowed to run scripts. The settings that you configure with Outpost will apply to any web browser; you can also extend this functionality to your email client, which may also be vulnerable.